Comments of the Noncommercial Users Constituency on the GNSO Whois Task Force Preliminary Task Force Report on Whois Services

Comment Period Nov. 24, 2006- Jan. 15 2007

(Original Document as .PDF)

  1.   The Noncommercial Users Constituency (NCUC) believes that ICANN policies governing the publication of WhoIs data must be reformed, and quickly. The Operational Point of Contact Proposal (“OPoC Proposal”) presented in this WhoIs Task Force Report is not perfect, but it is the only way to bring some consensus and closure to a problem that has festered for too long.
  2.   The original purpose of the WHOIS protocol is well known. When the Internet was an experimental network, the Whois contact information allowed domain administrators to identify each other for the purpose of solving technical problems. This original purpose, according to the GNSO Names Council, was consistent with ICANN’s current mission of operational stability, reliability, security and interoperability when it defined the Purpose of Whois on April 12, 2006: “The purpose of the gTLD Whois service is to provide information sufficient to contact a responsible party for a particular gTLD domain name who can resolve, or reliably pass on data to a party who can resolve, issues related to the configuration of the records associated with the domain name within a DNS nameserver.”
  3.   NCUC believes that the Operational Point of Contact (OPoC) Proposal is a judicious compromise that feasibly balances constituency input with the original purpose of Whois, ICANN’s Mission and Core Values, and the GNSO Council’s April 12 decision. We note again that the OPoC proposal is not what NCUC thinks is the optimal solution. We believe that “Anonymous pamphlets, leaflets, brochures and even books have played an important role in the progress of mankind” and should, in an ideal world, be allowed for political, religious and personal domain name registrants (quote from U.S. Supreme Court decision McIntyre v. Ohio Elections Commission,514U.S.334(1995)). But this is not the ideal world. Accordingly, NCUC representatives have worked hard and in good faith with other Whois Task Force members for a year to review and edit the OPoC proposal. OPoC incorporates significant review, work, input and edits from all constituencies and creates a balance that ICANN can live with. Domain name registrants will have some privacy; law enforcement and intellectual property will have access consistent with policies to be established. This is the closest we will ever get to agreement among the existing constituencies.

4. In addition,NCUC believes that the OPoC proposal is much less confusing than the legacy combination of administrative, technical and billing contacts. Under the OPoC proposal it would no longer be necessary to display all of these contacts; the functions would be combined into one. We agree with the idea of permitting or encouraging registrants to list two OPoCs as a form of reliability-enhancing redundancy.

5. Under ICANN’s current approach to Whois there are tremendous problems that OPoC would clearly correct. Today ICANN offers only a contract of adhesion that forces all domain name registrants to supply sensitive and personal contact information, and then allows this sensitive data to be indiscriminately published, in complete form, on the Internet for anyone to harvest and exploit. This global publication of the Whois database serves the special interests of trademark and copyright holders. It has imposed major costs on registries and registrars while subjecting millions of domain name registrants to spamming, and the risk of stalking, identity theft, and unjustified harassment and surveillance by intellectual property lawyers. It is time for a change.

6. NCUC believes that the combination of name server data and Operational Point of Contact are sufficient to meet the stated purpose for the publication of Whois data, and therefore does not believe that the name and jurisdiction of the registered name holder need to be published.

7.  The Special Circumstances Proposal (SCProposal) is unacceptable to the NCUC. It is a last-minute proposal submitted by the Intellectual Property Constituency and barely reviewed and edited by the Whois Task Force for lack of time. As the Terms of Reference tables in Section 2 and 4 of the Task Force clearly show, the SC Proposal does not even address most of the key terms of reference established by the Names Council for the Task Force. It does not define the purpose of the Registered Name Holder contact, purpose of Technical Contact, purpose of Administrative contact, or how inaccurate Whois data will be handled. WheretheOPoC is clear and balanced; the SC Proposal is ambiguous and self-serving for a few communities.

8. The SC Proposal represents the exact opposite of the direction ICANN should be headed. It assumes that all contact data of a domain name registrant should be available without restriction to any member of the public, for any use, and places a heavy burden of proof on individuals to meet a very restrictive set of criteria to prove their eligibility for a basic human right of privacy protection.

9.  The far better approach, NCUC submits, is that those who want the access to sensitive data should have to prove their “special circumstances” in order to access the data, just as is now the case with requests for additional information about the holders of telephone records or drivers’ licenses.

10. NCUC further notes that the SC Proposal’s recommendation, that a third party vendor review all requests for data protection, does not scale globally or across language groups, nor is it consistent with the mission of ICANN or the Purpose of Whois that the Names Council decided.

11. In regard to ccTLD practices, we note that the country codes of the United Kingdom, France, Italy, South Korea, Australia, and Canada (shortly to be finalized) all provide considerably more protection for sensitive data and allow individuals to decide on the publication of their sensitive data as a matter of right.

12. On the question of access to data not published, NCUC agrees with the registrars that there are existing procedures for requesting such data from the registrar of record. But we would like to see the rights of individual registrants made clearer and stronger, and we do not believe that registrars should be able to handle any form of disclosure at their own discretion. We believe that disclosure pursuant to law protects the registrars, registries and ICANN.

Registrar policies should follow those that already exist in their countries for disclosure of unlisted telephone numbers, email and chat room identities, etc.

13. At this time, NCUC cannot support a proposal to allow unpublished Whois data to be accessed by anyone who signs a contract agreeing to limitations on the use of the data. Although we recognize that sufficiently restrictive terms and conditions might make such a “tiered access” contract worth considering, we believe that such a policy of access must follow implementation of the OPoC proposal and be part of a new and separate PDP. Discussion of such a proposal must be linked to discussions about what data is collected by registrars; what fees should be charged to users of a tiered access regime (fees being justified both to finance the system, assign costs to cost-causers, and to discourage misuse of tiered access for unmotivated “fishing expeditions”); what limitations should be imposed on use and transfer of the data; what mechanisms would be used to enforce the contract; what kind of entities would be eligible for such contracts, what type of penalties should be imposed for abuse, and what types of access are allowed under national laws

14. NCUC views favorably the idea of giving registrants the option of allowing the domain name to lapse in lieu of revealing the information, as elaborated in the Preliminary Task Force Report.

15. NCUC has always maintained that better privacy protection can pave the way for more accurate data, and therefore supports the OPoC proposal’s accuracy improvement measures. Our support for improved accuracy is still contingent, however, upon a movement away from indiscriminate publication of sensitive contact data.

16. We close by reiterating once again the need for ICANN to move forward on this issue. In considering new policies, we urge the GNSO Council members, the GAC and ICANN’s Board to pay careful attention to which constituencies have been willing to compromise and make changes in their position to make a new policy possible, and how far those accommodating constituencies have been willing to go. This is the last chance to reach a good faith agreement.